Thanks
//Johan
"Doesn't work" is a remarkably vague statement. You would probably have
more chance of getting help if you were a teeny bit more explicit.
[9/19/05 12:14:44:226 CEST] 612d1a6d UserRegistryI A SECJ0136I: Custom Registry:com.ibm.ws.security.registry.ldap.LdapRegistryImpl has been initialized
[9/19/05 12:14:44:450 CEST] 612d1a6d LdapRegistryI E SECJ0352E: Could not get the users matching the pattern wasadmin because of the following exception javax.naming.AuthenticationException: [LDAP: error code 49 - 80090304: LdapErr: DSID-0C090311, comment: AcceptSecurityContext error, data 20ee, va28]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2750)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2696)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2497)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2414)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:258)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:91)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java(Compiled Code))
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java(Inlined Compiled Code))
at javax.naming.InitialContext.init(InitialContext.java(Inlined Compiled Code))
at javax.naming.InitialContext.<init>(InitialContext.java(Compiled Code))
at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java(Inlined Compiled Code))
at com.ibm.ws.security.registry.ldap.LdapRegistryImpl.getDirContext(LdapRegistryImpl.java(Compiled Code))
at com.ibm.ws.security.registry.ldap.LdapRegistryImpl.search(LdapRegistryImpl.java(Compiled Code))
at com.ibm.ws.security.registry.ldap.LdapRegistryImpl.search(LdapRegistryImpl.java:1566)
at com.ibm.ws.security.registry.ldap.LdapRegistryImpl.search(LdapRegistryImpl.java:1561)
at com.ibm.ws.security.registry.ldap.LdapRegistryImpl.getUsers(LdapRegistryImpl.java:1080)
at com.ibm.ws.security.registry.ldap.LdapRegistryImpl.checkPassword(LdapRegistryImpl.java:254)
at com.ibm.ws.security.registry.UserRegistryImpl.checkPassword(UserRegistryImpl.java:245)
at com.ibm.ws.security.core.SecurityAdmin.checkPassword(SecurityAdmin.java:639)
at java.lang.reflect.Method.invoke(Native Method)
at com.tivoli.jmx.modelmbean.MMBInvoker.invoke(MMBInvoker.java:46)
at com.tivoli.jmx.modelmbean.MMBInvoker.invokeOperation(MMBInvoker.java:115)
at com.tivoli.jmx.modelmbean.DynamicModelMBeanSupport.invoke(DynamicModelMBeanSupport.java:409)
at javax.management.modelmbean.RequiredModelMBean.invoke(RequiredModelMBean.java:323)
at com.tivoli.jmx.GenericMBeanSupport.invoke(GenericMBeanSupport.java:178)
at com.tivoli.jmx.MBeanAccess.invoke(MBeanAccess.java:113)
at com.tivoli.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:290)
at com.ibm.ws.management.AdminServiceImpl.invoke(AdminServiceImpl.java:658)
at com.ibm.ws.console.security.ConnectToRuntime.authenticate(ConnectToRuntime.java:99)
at com.ibm.ws.console.security.SecurityValidation.runtimeCheck(SecurityValidation.java:236)
at com.ibm.ws.console.security.SecurityValidation.validate(SecurityValidation.java:204)
at com.ibm.ws.console.security.SecurityDetailAction.perform(SecurityDetailAction.java:175)
at org.apache.struts.action.ActionServlet.processActionPerform(ActionServlet.java:1791)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1586)
at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:510)
at javax.servlet.http.HttpServlet.service(HttpServlet.java(Compiled Code))
at javax.servlet.http.HttpServlet.service(HttpServlet.java(Compiled Code))
at com.ibm.ws.cache.servlet.ServletWrapper.serviceProxied(ServletWrapper.java(Inlined Compiled Code))
at com.ibm.ws.cache.servlet.CacheHook.handleFragment(CacheHook.java(Compiled Code))
at com.ibm.ws.cache.servlet.CacheHook.handleServlet(CacheHook.java(Compiled Code))
at com.ibm.ws.cache.servlet.ServletWrapper.service(ServletWrapper.java(Compiled Code))
at com.ibm.ws.webcontainer.servlet.StrictServletInstance.doService(StrictServletInstance.java(Compiled Code))
at com.ibm.ws.webcontainer.servlet.StrictLifecycleServlet._service(StrictLifecycleServlet.java(Compiled Code))
at com.ibm.ws.webcontainer.servlet.IdleServletState.service(StrictLifecycleServlet.java(Compiled Code))
at com.ibm.ws.webcontainer.servlet.StrictLifecycleServlet.service(StrictLifecycleServlet.java(Inlined Compiled Code))
at com.ibm.ws.webcontainer.servlet.ServletInstance.service(ServletInstance.java(Compiled Code))
at com.ibm.ws.webcontainer.servlet.ValidServletReferenceState.dispatch(ValidServletReferenceState.java(Compiled Code))
at com.ibm.ws.webcontainer.servlet.ServletInstanceReference.dispatch(ServletInstanceReference.java(Inlined Compiled Code))
at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.handleWebAppDispatch(WebAppRequestDispatcher.java(Compiled Code))
at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.dispatch(WebAppRequestDispatcher.java(Compiled Code))
at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.forward(WebAppRequestDispatcher.java(Compiled Code))
at com.ibm.ws.webcontainer.srt.WebAppInvoker.doForward(WebAppInvoker.java(Compiled Code))
at com.ibm.ws.webcontainer.srt.WebAppInvoker.handleInvocationHook(WebAppInvoker.java(Compiled Code))
at com.ibm.ws.webcontainer.cache.invocation.CachedInvocation.handleInvocation(CachedInvocation.java(Compiled Code))
at com.ibm.ws.webcontainer.cache.invocation.CacheableInvocationContext.invoke(CacheableInvocationContext.java(Compiled Code))
at com.ibm.ws.webcontainer.srp.ServletRequestProcessor.dispatchByURI(ServletRequestProcessor.java(Compiled Code))
at com.ibm.ws.webcontainer.oselistener.OSEListenerDispatcher.service(OSEListener.java(Compiled Code))
at com.ibm.ws.webcontainer.http.HttpConnection.handleRequest(HttpConnection.java(Compiled Code))
at com.ibm.ws.http.HttpConnection.readAndHandleRequest(HttpConnection.java(Compiled Code))
at com.ibm.ws.http.HttpConnection.run(HttpConnection.java(Compiled Code))
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:672)
[9/19/05 12:14:44:465 CEST] 612d1a6d LdapRegistryI E SECJ0336E: Authentication failed for user wasadmin because of the following exception
[9/19/05 12:14:44:476 CEST] 612d1a6d SecurityAdmin E SECJ0297E: Error checking password for user :wasadmin. The exception is .
[9/19/05 12:14:44:507 CEST] 612d1a6d TraceNLS u Unable to load ResourceBundle com.ibm.ws.console.core.resources.ConsoleAppResources
[9/19/05 12:14:44:506 CEST] 612d1a6d ConnectToRunt E security.ctr.ckpwd.exception
[9/19/05 12:14:44:519 CEST] 612d1a6d TraceNLS u Unable to load ResourceBundle com.ibm.ws.console.core.resources.ConsoleAp
-Dino
<johan.j...@se.ibm.com> wrote in message
news:215322886.1127125445...@ltsgwas007.sby.ibm.com...
//Johan
I completed this work for a client and documented the process i detail. If you would like me to send you some documentation email me at waynej...@gmail.com.
1 Open the /apps/WebSphere/PortalServer/wmm/wmm.xml and add the searchFilter parameter the ORIGINAL is directly below:
<supportedLdapEntryTypes>
<supportedLdapEntryType name=?Person?
rdnAttrTypes=?cn?
objectClassesForRead=?userProxy?
objectClassesForWrite=?userProxy?
searchBases=?ou=users,o=alticor?/>
<supportedLdapEntryType name=?Group?
2 The new tag should look as follows:
<supportedLdapEntryTypes>
<supportedLdapEntryType name=?Person?
rdnAttrTypes=?cn?
objectClassesForRead=?userProxy?
objectClassesForWrite=?userProxy?
searchBases=?ou=users,o=alticor?
searchFilter=?(ObjectClass=userProxy)?/>
<supportedLdapEntryType name=?Group?
//Johan